Conventionally, there has been known an apparatus that includes a tamper-resistant module for preventing an application that stores secret data, such as an authentication key, from being analyzed by a malicious third party (hereinafter, “attacker”). The tamper-resistant module is implemented in the apparatus as hardware. Considering that new attack methods are being developed at an increasing rate, it is desirable that the application be protected by easily updatable software so that such new attack methods can be addressed flexibly. One method of protecting an application by software is tampering verification using a hash value. Another is a decryption and loading function: the application is encrypted and stored when not in use, and is decrypted and loaded onto a memory only when necessary.
However, where an application is protected by software using such methods, the software that protects the application (hereinafter, “protection control module”) might itself be attacked by an attacker. If the protection control module has been tampered with, the application might in turn be attacked by the attacker.
In view of this problem, a method is used in which it is detected whether the protection control module has been tampered with and, if tampering is detected, a normal protection control module is downloaded to the apparatus from an external server via a network so that the tampered protection control module is updated with the normal one. Prior art relating to tampering detection of a protection control module is disclosed in Patent Literature 1, for example.
[Patent Literature 1] JP3056732 (pp. 4 to 6 and FIG. 2)
[Non-Patent Literature 1] Tatsuaki OKAMOTO, Hirosuke YAMAMOTO, “Gendai Ango” (Modern Cryptography), Sangyotosho (1997)
[Non-Patent Literature 2] ITU-T Recommendation X.509 (1997 E): Information Technology—Open Systems Interconnection—The Directory: Authentication Framework, 1997